Affected Vendors This Week
- Fortinet — 6 CVEs (1 Critical, 1 Medium, 4 Low)
- Teltonika — 1 CVE (Unrated)
Critical Vulnerability Alert
This week brings one critical vulnerability that demands immediate attention: CVE-2025-22252 (CVSS 9.8), a missing authentication flaw in Fortinet FortiProxy 7.6.0–7.6.1, FortiSwitchManager 7.2.5, and FortiOS 7.4.4–7.4.6 and 7.6.0. This allows an unauthenticated attacker to access critical functions without credentials—a textbook remote code execution vector. If you're running any of these versions in production, patch immediately. Check Fortinet's security advisory for the latest firmware versions and apply them without delay.
Fortinet Roundup (6 CVEs)
Beyond the critical issue, Fortinet accounts for the entire vulnerability footprint this week. CVE-2025-47294 (CVSS 5.3, Medium) is an integer overflow affecting FortiOS 7.2.0–7.2.7 and 7.0.0–7.0.14 that allows remote unauthenticated attackers to crash the csfd daemon—a denial-of-service risk in older branches.
Four low-severity issues round out the list: CVE-2025-47295 (buffer over-read in FortiOS), CVE-2025-24473 (sensitive system information exposure in FortiClient Windows), CVE-2025-46777 (log file information leakage in FortiPortal), and CVE-2024-54020 (missing authorization in FortiManager). While individually lower risk, these warrant attention during your next maintenance window.
Teltonika Account Pre-Hijacking
CVE-2025-4687 (unrated, CVSS 7.2) affects Teltonika Networks Remote Management System (RMS) and exploits a flaw in the invite functionality to enable account pre-hijacking. If you manage Teltonika devices through RMS, review your pending invites and contact Teltonika for remediation guidance.
Recommended Actions
- Fortinet users: Prioritize patching CVE-2025-22252 immediately; schedule medium and low-priority updates this week.
- Check your current firmware versions against the affected ranges listed above.
- Teltonika RMS administrators: Audit pending invites and monitor for suspicious account activity.